/*     */ package com.lbd99.data.common.interceptor;
/*     */ 
/*     */ import java.io.IOException;
import java.io.PrintWriter;
/*     */ import java.util.ArrayList;
/*     */ import java.util.List;

/*     */ import javax.servlet.Filter;
/*     */ import javax.servlet.FilterChain;
/*     */ import javax.servlet.FilterConfig;
/*     */ import javax.servlet.ServletException;
/*     */ import javax.servlet.ServletRequest;
/*     */ import javax.servlet.ServletResponse;
/*     */ import javax.servlet.http.HttpServletRequest;
/*     */ import javax.servlet.http.HttpServletResponse;
/*     */ import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;

import com.lbd99.data.utils.SystemProperty;

/*     */ 
/*   abc  */
/*     */ public class AuthorityFilter
/*     */   implements Filter
/*     */ {
/*     */   private FilterConfig config;
/*  24 */   private List<String> ignorurls = new ArrayList<String>();
/*  25 */   private List<String> adminPath = new ArrayList<String>();
/*     */   private String loginPage;
/*  27 */   private static Logger log = Logger.getLogger(AuthorityFilter.class);
/*     */ 
/*     */   public void destroy()
/*     */   {
/*     */   }
/*     */ 
/*     */   public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
/*     */     throws IOException, ServletException
/*     */   {
/*     */     try
/*     */     {
/*  39 */       HttpServletRequest request = (HttpServletRequest)req;
/*  40 */       HttpServletResponse response = (HttpServletResponse)res;
/*  41 */       String reqUrl = request.getRequestURI();
/*     */ 
/*  43 */       if (isIgnorUrl(request)) {
/*  44 */         chain.doFilter(req, res);
/*  45 */       } else if (checkRole(request)) {
/*  46 */         chain.doFilter(req, res);
/*     */       } else {
/*  48 */         log.error(" 拒绝访问！请求的URL 是" + reqUrl);
/*  49 */         //response.sendRedirect(this.loginPage);
					toSript(response, "window.top.location.href=\"" + this.loginPage + "\"");
/*  50 */         return;
/*     */       }
/*     */     }
/*     */     catch (Exception e) {
/*  54 */       e.printStackTrace();
/*     */     }
/*     */   }
/*     */ 
/*  58 */   private boolean checkRole(HttpServletRequest request) { HttpSession session = request.getSession(true);
/*  59 */     if ((session.getAttribute("SESSION_INFO_OBJECT") == null) && (session.getAttribute("SESSION_INFO_OBJECT_ADMIN") == null)) {
/*  60 */       log.error("session is null.");
/*  61 */       return false;
/*     */     }
/*  63 */     if (isAdmin(request)) {
/*  64 */       if (session.getAttribute("SESSION_INFO_OBJECT_ADMIN") == null) {
/*  65 */         log.error("is admin ,but session_info_admin is null");
/*  66 */         return false;
/*     */       }
/*     */     }
/*  69 */     else if (session.getAttribute("SESSION_INFO_OBJECT") == null) {
/*  70 */       log.error("is user,but session is null");
/*  71 */       return false;
/*     */     }
/*     */ 
/*  74 */     return true; }
/*     */ 
/*     */   public void init(FilterConfig fConfig) throws ServletException
/*     */   {
/*  78 */     this.config = fConfig;

/*  79 */     String loginPage =SystemProperty.getKeyValue("loginPage", "auth.properties");
/*  80 */     String ignorUrl = SystemProperty.getKeyValue("ignorUrl", "auth.properties");
/*  81 */     String adminp = SystemProperty.getKeyValue("adminPath", "auth.properties");

/*  82 */     this.loginPage = loginPage;
/*  83 */     String[] iiurl = ignorUrl.split(",");
/*     */ 
/*  85 */     for (String s : iiurl) {
/*  86 */       System.out.println(s.trim());
/*  87 */       this.ignorurls.add(s.trim());
/*     */     }
/*     */ 
/*  91 */     if (adminp != null) {
/*  92 */       String[] adminpp = adminp.split(",");
/*  93 */       for (String s : adminpp)
/*  94 */         this.adminPath.add(s);
/*     */     }
/*     */   }
/*     */ 
/*     */   public boolean isIgnorUrl(HttpServletRequest request)
/*     */   {
/* 101 */     boolean flag = false;
/* 102 */     String rUrl = request.getRequestURI();
/* 103 */     String cpath = request.getContextPath();
/* 104 */     if (rUrl.indexOf("?") > 0) {
/* 105 */       rUrl = rUrl.split("?")[0];
/*     */     }
/* 107 */     if ((!rUrl.endsWith(".jsp")) && (!rUrl.endsWith(".do"))) {
/* 108 */       return true;
/*     */     }
/* 110 */     for (String s : this.ignorurls)
/*     */     {
/* 112 */       if (rUrl.equalsIgnoreCase(cpath + s)) {
/* 113 */         flag = true;
/* 114 */         break;
/*     */       }
/*     */     }
/* 117 */     return flag;
/*     */   }
/*     */ 
/*     */   public boolean isAdmin(HttpServletRequest request)
/*     */   {
/* 126 */     boolean flag = false;
/* 127 */     String rUrl = request.getRequestURI();
/* 128 */     String cpath = request.getContextPath();
/* 129 */     if (rUrl.indexOf("?") > 0) {
/* 130 */       rUrl = rUrl.split("?")[0];
/*     */     }
/* 132 */     if ((!rUrl.endsWith(".jsp")) && (!rUrl.endsWith(".do"))) {
/* 133 */       return false;
/*     */     }
/* 135 */     for (String s : this.adminPath) {
/* 136 */       if (rUrl.startsWith(cpath + s)) {
/* 137 */         flag = true;
/* 138 */         break;
/*     */       }
/*     */     }
/* 141 */     return flag;
/*     */   }

			public  void toSript(HttpServletResponse httpServletResponse, String str) {
			    StringBuffer sb = new StringBuffer();
			    sb.append("<script type=\"text/javascript\">");
			    sb.append(str);
			    sb.append("</script>");
			    httpServletResponse.setContentType("text/html");
			    writer(httpServletResponse, sb.toString());
			}
			
			public  void writer(HttpServletResponse response, String str) {
			    try {
			        // 设置页面不缓存
			        response.setHeader("Pragma", "No-cache");
			        response.setHeader("Cache-Control", "no-cache");
			        response.setContentType("text/html");
			        response.setCharacterEncoding("UTF-8");
			        PrintWriter out = response.getWriter();
			        out.print(str);
			        out.flush();
			        out.close();
			    } catch (IOException e) {
			        e.printStackTrace();
			    }
			}


/*     */ }

/* Location:           C:\Users\Administrator\Desktop\lbd99-core.jar
 * Qualified Name:     com.lbd99.core.authority.AuthorityFilter
 * JD-Core Version:    0.6.1
 */